72 matches found
CVE-2026-29136
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to inject HTML into notification emails about new CA certificates...
CVE-2026-29135
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to craft a password-tag that bypasses subject sanitization...
CVE-2026-29134
SEPPmail Secure Email Gateway before version 15.0.3 allows an external user to modify GINA webdomain metadata and bypass per-domain restrictions...
CVE-2026-29142
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to forge a GINA-encrypted email...
CVE-2026-29137
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to hide security tags from users by crafting a long subject...
CVE-2026-29140
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to cause attacker-controlled certificates to be used for future encryption to a victim by adding the certificates to S/MIME signatures...
EUVD-2026-18150
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to craft a password-tag that bypasses subject sanitization...
EUVD-2026-18168
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to bypass subject sanitization and forge security tags using Unicode lookalike characters...
EUVD-2026-18156
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user's PGP signature as their own...
EUVD-2026-18144
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker with access to a victim's GINA account to bypass a second-password check and read protected emails...
CVE-2026-29140
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to cause attacker-controlled certificates to be used for future encryption to a victim by adding the certificates to S/MIME signatures...
CVE-2026-29131
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to read the contents of emails encrypted for other users...
CVE-2026-29136
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to inject HTML into notification emails about new CA certificates...
CVE-2026-29136 CA Notification HTML Injection
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to inject HTML into notification emails about new CA certificates...
CVE-2026-29139 GINA State Confusion Account Takeover
SEPPmail Secure Email Gateway before version 15.0.3 allows account takeover by abusing GINA account initialization to reset a victim account password...
CVE-2026-29143
CVE-2026-29143 affects SEPPmail Secure Email Gateway prior to version 15.0.3. The issue is that the inner S/MIME-encrypted MIME entity is not properly authenticated, enabling an attacker to manipulate trusted headers. The root cause is insufficient verification of the inner message, with potentia...
CVE-2026-29138
SEPPmail Secure Email Gateway before version 15.0.3 allows attackers with a specially crafted email address to claim another user's PGP signature as their own...
CVE-2026-29142 Plaintext secure-mail.html
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to forge a GINA-encrypted email...
CVE-2026-29142 Plaintext secure-mail.html
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to forge a GINA-encrypted email...
CVE-2026-29142
SEPPmail Secure Email Gateway before version 15.0.3 allows an attacker to forge a GINA-encrypted email...